CVE-2008-5569

2008-12-1517:45:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in PHPepperShop 1.4 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php or (2) shop/kontakt.php, or (3) shop_kunden_mgmt.php or (4) SHOP_KONFIGURATION.php in shop/Admin/.

References

osvdb.org/50568

osvdb.org/50569

osvdb.org/50570

osvdb.org/50571

secunia.com/advisories/33069

securityreason.com/securityalert/4745

www.securityfocus.com/archive/1/498998/100/0/threaded

www.securityfocus.com/bid/32690

exchange.xforce.ibmcloud.com/vulnerabilities/47157